Results 11 - 20 of 20
Factorization-based Fail-Stop Signatures Revisited
, 2004
Cited by 2 (0 self)
Fail-stop signature (FSS) schemes are important primitives because in a fail-stop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme's underlying computational hard problem and hence forges a signature, then with overwhelming probability the signer is able to prove that a forgery has occurred (i.e. that the underlying hard problem has been broken). Although there is a practical FSS scheme based on the Discrete Logarithm problem, no provable secure FSS scheme is known that is based on the pure factorization problem (i.e. the assumption that integer factoring for arbitrary integers is hard). To be more concrete, the most popular factorization based FSS scheme relies on the assumption that factoring a special kind of Blum integers is intractable. All other FSS schemes related to integer factoring are based on even stronger assumptions or insecure. In this paper, we first cryptanalyze one of those schemes and show how to construct forged signatures that don't enable the signer to prove forgery. Then we repair the scheme at the expense of a reduced message space. Finally, we develop a new provable secure scheme based on the difficulty of factoring integers of the shape p^2 q for primes p, q.
EPOC: Efficient Probabilistic Public-Key Encryption
Cited by 2 (0 self)
We describe a novel public-key cryptosystem, EPOC (Efficient Probabilistic Public-Key Encryption), which has three versions: EPOC-1, EPOC-2 and EPOC-3. EPOC-1 is a public-key encryption system that uses a one-way trapdoor function and a random function (hash function). EPOC-2 and EPOC-3 are public-key encryption systems that use a one-way trapdoor function, two random functions (hash functions) and a symmetric-key encryption (e.g., one-time padding and block-ciphers).
Zero knowledge interactive proofs of knowledge (a digest), Second Conference on Theoretical Aspects of Reasoning about Knowledge
 IBM Research Division, T. J. Watson Research
, 1988
Cited by 1 (0 self)
Suppose an associate handed you a 500 digit number N, and informed you, "I know the prime factorization of N." What would convince you of the truth of your associate's statement? If your associate could be persuaded to reveal the factorization to you, a few simple tests would convince you of the statement's truth. Unfortunately the associate responds to this request by saying, "The factorization is a secret. In fact, I would like to convince you that I know the factorization of N without divulging any other useful information." How can you hope to be convinced that your associate is not deceiving you? Needless to say, a primality testing algorithm quickly reveals N to be composite, but your favorite factorization algorithms make no progress whatever. These seemingly irreconcilable positions (the associate's unwillingness to reveal any knowledge, your unwillingness to accept your associate's statement without proof) are reconcilable through a protocol known as a "zero knowledge interactive proof", introduced by Goldwasser, Micali, and Rackoff [15] in 1985. Informally, an interactive proof is a pair of protocols executed by two parties, called the "prover" and the "verifier",
A Note on Quadratic Residuosity and UP
, 2004
Cited by 1 (0 self)
UP is the class of languages accepted by polynomial-time nondeterministic Turing machines that have at most one accepting path. We show that the quadratic residue problem belongs to UP intersect coUP. This answers affirmatively an open problem, discussed in Theory of Computational Complexity (Du and Ko, 2000), of whether the quadratic nonresidue problem is in NP. We generalize to higher powers and show the higher power residue problem also belongs to UP intersect coUP.
Paillier’s Cryptosystem Modulo p^2 q and Its Applications to Trapdoor Commitment Schemes
Cited by 1 (0 self)
In 1998/99, T. Okamoto and S. Uchiyama on the one hand and P. Paillier on the other hand introduced homomorphic encryption schemes semantically secure against passive adversaries (IND-CPA).
Approximate Constructions In Finite Fields
Cited by 1 (1 self)
this paper are new, we do not give complete detailed proofs but indicate the underlying ideas. Here we present a list of possible applications (which is certainly incomplete). We start from pointing out some general purpose applications: • Coding Theory: AP1, AP3, AP6
A Threshold for NEMO Group Communications
Abstract—In this paper, a novel secure key sharing and distribution scheme for network mobility (NEMO) group communications is proposed. The scheme offers the capability of multiple key sharing and distribution for current and future application scenarios, and a threshold mechanism that effectively improves flexibility and robustness of the key sharing and distribution process. Both forward and backward secrecy are guaranteed by compulsive key refreshment and automatic key refreshment mechanisms, which provide dynamic in-progress group communication joining/leaving and periodic keys renewal, respectively. Security and performance analysis are presented to demonstrate that the proposed scheme meets the special security requirements for NEMO group communications and is competent for key sharing and distribution service. Index Terms—Forward and backward secrecy, key distribution and management, network mobility (NEMO) group communications, threshold mechanism.
Self-Evaluation ESIGN Signatures
This document details security assessment and performance on ESIGN signature scheme.
Factorization-based Fail-Stop Signatures Revisited No Author Given
Abstract. Fail-stop signature (FSS) schemes are important primitives because in a fail-stop signature scheme the signer is protected against unlimited powerful adversaries as follows: Even if an adversary breaks the scheme’s underlying computational hard problem and hence forges a signature, then with overwhelming probability the signer is able to prove that a forgery has occurred (i.e. that the underlying hard problem has been broken). Although there is a practical FSS scheme based on the Discrete Logarithm problem, no provable secure FSS scheme is known that is based on the pure factorization problem (i.e. the assumption that integer factoring for arbitrary integers is hard). To be more concrete, the most popular factorization based FSS scheme relies on the assumption that factoring a special kind of Blum integers is intractable. All other FSS schemes related to integer factoring are based on even stronger assumptions or insecure. In this paper, we first cryptanalyze one of those schemes and show how to construct forged signatures that don’t enable the signer to prove forgery. Then we repair the scheme at the expense of a reduced message space. Finally, we develop a new provable secure scheme based on the difficulty of factoring integers of the shape p^2 q for primes p, q.